Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Can I set permissions for plugins by user role? (Vanilla 2.1 stable) SOLVED
whu606
MVP
Using Vanilla 2.1 stable.
I've had a look on here and on the wiki, but haven't found what I am looking for. (I may just have missed it.)
I see that plugins can check user permissions, and show based on that.
Is there a way to do this simply based on a user's role? That is, to check for a specific role, and allow the user access only if they are in that role?
Thanks for any help.
Tagged:
0
Comments
I've written a plugin that displays different themes based on users role. I think that will be a good starting point: https://github.com/R-J/RolebasedTheme/blob/master/class.rolebasedtheme.plugin.php
... but you have to think about users with more than one role, which is not very clean but since it is possible it might happen.
@R_J
Thanks very much. I'll have a shufti at that.
This is backwards.
Roles are assigned permissions. Permissions determine access not roles.
Roles are how you assign different sets of permissions to different users.
Yes you can do it, it but is is not vanilla.
grep is your friend.
In other words if you want to check if someone should be able to do something, you should check permissions not roles. Role, is to assign those permission to the user, and with multiple roles, the permissions are additive.
grep is your friend.
@x00
Thanks for that.
I guess what I should be asking then is
is there documentation/guidance on creating a custom permission to assign to users?
I can't see a use case for this, but you can definitely do it!
EDIT - Cross post. I thought it was an interesting problem, if not a little useless.
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
@hgtonight
Thanks very much for the input and example (and the knowledgeable discouragement!).
The situation is that I would like to limit the use of a plugin to a specified group of users, rather than allow it to be used by the whole forum.
From x00's input, I realise I should be asking how to set up a new permission via the plugin, so I end up with something like
(Gdn::Session()->CheckPermission('Plugins.Pluginname.Permission'))
In plugin you can set new permissions in the
RegisterPermissions
part of the$PluginInfo
, then you can useGdn::Session()->CheckPermission('YourPermission')
or even justCheckPermission('YourPermission')
to automatically deny from that point on
Gdn::Controller()->Permission('YourPermission')
(often used at the top of hooks).Note the dot syntax will influence how it will be displayed in the permissions groups under roles, and what it is grouped with
Common convention for naming a permission for a particular plugin would be
Plugins.PluginName.SomeFacility
it really depends on the nature of the permission how you wan to group it with.
Then after that is all set up you assign the permission to the roles.
grep is your friend.
@x00
Thank you so much for taking the trouble to help out.
That seems to be exactly what I needed to know.
Will have a fiddle and report back!
No worries!
You can register permissions automatically on plugin enable by adding
'RegisterPermissions' => array('AnyName.You.Want' => 1, 'Plugins.PluginName.PermType' => 0),
to your plugin info array.You can use any key you want but the general idea is to namespace them with a dot notation. For example, DiscussionPolls uses the following value:
This keeps all the plugins permissions in the same block and uses the 'standard' permissions. You notice that you don't have to assign a value to the new permissions. Assigning bool value will default it to on/off.
EDIT: Cross-post AGAIN!
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
I clarified some of the language in my reply.
grep is your friend.
Great topic & info, guys. Made a note to make this a developer doc.
whu606
any plugin that you have added to you setup that has an individual plugin setting in dashboard does essentially this.
to name a couple examples of plugins.
FileUpload
MembershipEnh
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
yep, I actually looked there first before making a reply, as it is no point repeating it, if I can link.
@Lincoln is everything from the old docs now covered in the new docs? Because I had to go to he old docs explicitly, as the link has changed.
grep is your friend.
@x00 to the rescue once again.
That did exactly what I was hoping it would.
Thanks again for the help.
Yes, I copy/pasted any old docs that were still relevant into the new docs and will be revising them as soon as possible. The old docs site will be going offline as soon as I can get 301s set up.
Thanks to everyone for their help.
@Peregrine, I did look at a couple of plugins which I knew had permissions options in the dashboard, but hadn't realised it was as straightforward as declaring a permission via Register Permissions.
I've edited the title a bit to reflect the question I should have asked...
Ah, but the original was still a question others will ask and need to learn they are likewise asking the wrong question I did it myself when I was getting started.